Daily Open Source Infrastructure Report 30 October 2013 Top Stories

advertisement
Daily Open Source Infrastructure Report
30 October 2013
Top Stories

The city of Gatesville, Texas, issued a mandatory water-conservation order October 29 and
alerted 20,000 residents and businesses of a possible 24-36 water outage. – Killeen Daily
Herald (See item 15)

Authorities are trying to determine the identity of a body and cause of death after multiple
body parts turned up at two county sewage plants in San Gabriel Valley, California,
October 26. – USA Today (See item 18)

Authorities recaptured two of the four Caddo County Jail inmates who escaped through the
ceiling in the shower at the jail in Anadarko, Oklahoma, October 27. – Columbus Dispatch
(See item 29)

Adobe confirmed that a recent data breach impacted at least 38 million users, with Adobe
ID usernames and hashed passwords obtained by attackers. – Krebs on Security (See item
30)
Fast Jump Menu
PRODUCTION INDUSTRIES
• Energy
• Chemical
• Nuclear Reactors, Materials, and Waste
• Critical Manufacturing
• Defense Industrial Base
• Dams
SUSTENANCE and HEALTH
• Food and Agriculture
• Water and Wastewater Systems
• Healthcare and Public Health
SERVICE INDUSTRIES
• Financial Services
• Transportation Systems
• Information Technology
• Communications
• Commercial Facilities
FEDERAL and STATE
• Government Facilities
• Emergency Services
-1-
Energy Sector
1. October 29, Associated Press – (West Virginia) W.Va. DEP investigates well site
fire, 2 injured. Two workers at an Antero Resources gas-drilling site in Doddridge
County were injured in a flash fire October 27 due to a condensate leak while they were
installing a new separator. The West Virginia Department of Environmental Protection
is investigating the incident.
Source: http://www.wowktv.com/story/23814288/wva-dep-investigates-well-site-fire2-injured
[Return to top]
Chemical Industry Sector
Nothing to report
[Return to top]
Nuclear Reactors, Materials, and Waste Sector
2. October 29, Greenville News – (South Carolina) Oconee Unit 3 back online after 4day shutdown. The Unit 3 reactor at Oconee Nuclear Station near Seneca, South
Carolina, returned to service October 29 after a 4-day shutdown caused by an issue in
the steam generation feedwater system.
Source: http://www.greenvilleonline.com/article/20131029/NEWS/310290061/OconeeUnit-3-back-online-after-4-day-shutdown
[Return to top]
Critical Manufacturing Sector
3. October 28, Automotive News – (National) Jeep Liberty SUVs investigated by U.S.
for door fire complaints. The National Highway Safety Administration opened a
preliminary investigation into model year 2012 Jeep Liberty vehicles after two reports
of fires breaking out in the vehicles’ doors.
Source: http://www.autonews.com/article/20131028/OEM11/131029885/jeep-libertysuvs-investigated-by-u-s-for-door-fire-complaints
4. October 28, U.S. Department of Labor – (Ohio) Napoleon Spring Works faces
$147,600 in proposed OSHA penalties for exposing workers to amputation
hazards at Archbold, Ohio plant. Garage door hardware manufacturer Napoleon
Spring Works was cited by the Occupational Safety and Health Administration for 1
willful, 15 serious, and several other safety violations at its Archbold facility. Proposed
fines totaled $147,600.
Source:
https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEA
-2-
SES&p_id=25005
[Return to top]
Defense Industrial Base Sector
5. October 28, U.S. Department of Labor – (Indiana) US Department of Labor's OSHA
finds 36 safety violations at Indiana's Crane Army Ammunition Activity following
March explosion. The U.S. Department of Labor's Occupational Safety and Health
Administration issued 36 notices of unsafe or unhealthful working conditions against
Crane Army Ammunition Activity following a March 28 explosion and fire at the
Crane, Indiana facility that hospitalized five workers.
Source:
https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEA
SES&p_id=25008
[Return to top]
Financial Services Sector
6. October 28, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Co-owner of
company that originated $30 million in fraudulent mortgages pleads guilty. The
former co-owner of Premier Mortgage Services pleaded guilty to taking part in a
mortgage fraud scheme in New Jersey that caused losses of more than $30 million.
Source: http://www.fbi.gov/newark/press-releases/2013/co-owner-of-company-thatoriginated-30-million-in-fraudulent-mortgages-pleads-guilty
7. October 28, Dallas Morning News – (Texas; Ohio) Dallas identity thief convicted
after eating debit card to conceal tax fraud. A Dallas man arrested in Ohio in 2011
was convicted October 25 of 16 counts of fraud in a scheme where he used stolen
identities to fraudulently file income tax returns and collect millions of dollars. Four
accomplices pleaded guilty to related charges.
Source: http://crimeblog.dallasnews.com/2013/10/dallas-identity-thief-convicted-aftereating-debit-card-to-conceal-tax-fraud.html/
[Return to top]
Transportation Systems Sector
8. October 29, KPIC 4 Roseburg – (Oregon) 3 injured in helicopter crash in rural
Douglas County. An accident involving a helicopter that crashed into South Umpqua
River in Douglas County injured three people, required a hazardous materials team to
contain fuel that was leaking from the aircraft, and downed powerlines October 28.
Source: http://www.kpic.com/news/local/Helicopter-crashes-in-Douglas-County229583111.html
-3-
9. October 28, KKTV 11 Colorado Springs – (Wisconsin) Multi-vehicle crash in
Waupaca Co. A multi-vehicle accident involving a semi-truck and a car in the
eastbound lanes of Highway 10 in Waupaca County injured five people and closed
eastbound lanes for nearly six hours October 28.
Source: http://www.fox11online.com/news/local/fox-cities/multi-vehicle-crash-inwaupaca-co
10. October 28, WATE 6 Knoxville – (Tennessee) One person killed in four-car Alcoa
Highway crash. A four-vehicle accident on Alcoa Highway in Knoxville left one
person dead, injured three others, and delayed traffic in both directions for nearly 4
hours October 28.
Source: http://www.wate.com/story/23807725/serious-crash-shuts-down-southboundalcoa-highway-traffic
11. October 28, KUSA 9 Denver – (Colorado) Single-engine plane crashes in Castle
Rock. Fog contributed to a single-engine plane crash in Castle Rock that seriously
injured one person October 28. The Federal Aviation Administration investigated the
crash.
Source: http://www.9news.com/news/article/362227/71/Plane-crashes-in-Castle-Rock
12. October 28, Minneapolis-St.Paul Star Tribune – (Minnesota) Plane crash kills 1 near
airport in Princeton; dog on board survives. An accident involving a small private
plane that crashed at the Princeton Municipal Airport in Minnesota killed one person
October 28 and closed the airport. Authorities are investigating the crash.
Source: http://www.startribune.com/local/north/229585051.html
For additional stories, see items 21, 26
[Return to top]
Food and Agriculture Sector
13. October 29, University of Iowa Daily Iowan – (Iowa) Johnson County crypto
outbreak from apple cider. An outbreak of cryptosporidiosis that sickened eleven
people in Johnson County, Iowa, the week of October 21 was suspected to be caused by
unpasteurized apple cider, but Johnson County Public Health officials have not been
unable to determine the source.
Source: http://www.dailyiowan.com/2013/10/29/Metro/35417.html
14. October 26, Minnesota Department of Health – (Minnesota) Health officials
investigate E. coli O157 infections at pumpkin patch petting zoo. Three people
became ill with confirmed E. coli O157:H7 infections after contact with animals at
Dehn's Pumpkins in Dayton since October 12. The Minnesota Department of Health is
investigating.
Source: http://www.health.state.mn.us/news/pressrel/2013/ecoli102613.html
[Return to top]
-4-
Water and Wastewater Systems Sector
15. October 29, Killeen Daily Herald – (Texas) 20,000 customers in Gatesville without
water. The city of Gatesville issued a mandatory water-conservation order October 29
and alerted 20,000 residents and businesses of a possible 24-36 hour water outage after
a faulty cable at an intake structure prevented electrical power from being restored
following an October 27 power outage.
Source: http://kdhnews.com/news/customers-in-gatesville-withoutwater/article_65c2e5bc-3ff2-11e3-9d2f-001a4bcf6878.html
16. October 29, Bismarck Tribune – (North Dakota) Tiny leak causes big cleanup. Encore
Energy began cleanup operations October 22 after a small pipe leak, discovered in an
underground saltwater disposal line, caused 150 barrels of the water to leach into the
Blacktail Creek drainage on U.S. Forest Service and private land north of Belfield. Oil
well operations which produced the saltwater were halted during cleanup operations
and any penalties will be determined after the cleanup is completed.
Source: http://bismarcktribune.com/news/state-and-regional/tiny-leak-causes-bigcleanup/article_e505c3aa-4054-11e3-a0e5-001a4bcf887a.html
17. October 28, Associated Press – (Pennsylvania) Western Pa. drinking water alert
lifted. The Municipal Authority of Westmoreland County lifted an October 24 boilwater advisory which affected 120,000 western Pennsylvania residents and numerous
businesses, after a damaged filter was replaced.
Source: http://www.wtrf.com/story/23805132/first-test-ok-in-western-pa-drinkingwater-alert
18. October 28, USA Today – (California) Mangled body of woman turns up in L.A.
sewage plants. Authorities are trying to identify a dead woman and determine the
cause of death after body parts they believe are from the same body turned up at two
county sewage plants in San Gabriel Valley October 26. The death is being treated as a
homicide.
Source: http://www.usatoday.com/story/news/2013/10/28/body-in-sewerplants/3292857/
[Return to top]
Healthcare and Public Health Sector
19. October 28, Associated Press – (California) Calif. home for elderly shut down, 14
people abandoned. California officials allowed Valley Springs Manor Community
Care Center in Castro Valley to continue operating as their 14 patients were relocated
after the assisted living facility had its license suspended the week of October 21 due to
several violations. Authorities were called to the facility October 26 after three unpaid
staffers determined they could not take care of the patients.
Source: http://news.msn.com/us/calif-home-for-elderly-shut-down-14-peopleabandoned
-5-
20. October 28, Kalamazoo Gazette – (Michigan) Bomb threat prompts evacuation of
senior center near Battle Creek for several hours. The Evergreen Senior Center and
Rehab Center in Springfield near Battle Creek, Michigan, was evacuated for over 3
hours October 28 after a bomb threat was phoned in. Police searched the facility and
gave an all clear once nothing suspicious was found.
Source:
http://www.mlive.com/news/kalamazoo/index.ssf/2013/10/bomb_threat_prompts_evac
uation.html
[Return to top]
Government Facilities Sector
21. October 29, WGCL 46 Atlanta – (Georgia) Three injured in school bus, SUV
accident in Fulton County. Three people were injured after a West Lake High School
bus and another vehicle got into an accident on Old National Highway in Fulton
County, Georgia, October 29, closing all southbound lanes of the highway.
Source: http://www.cbsatlanta.com/story/23814893/at-least-1-injured-in-school-busvehicle-accident-in-fulton-county
22. October 28, WBRC 6 Birmingham – (Alabama) Crews extinguish fire inside Jeffco
Courthouse parking deck. Authorities are investigating after a car caught fire in the
parking deck of the Jefferson County Courthouse in Birmingham October 28 causing
damage to several other vehicles. The parking deck will remain closed until the
investigation is completed.
Source: http://www.myfoxal.com/story/23804778/crews-extinguish-fire-inside-jeffcocourthouse-parking-deck
23. October 29, Lake County News-Herald – (Ohio) Fairport Harding high school bomb
threat just a scare. School officials cancelled classes October 28 at Harding Junior
and Senior High School in Fairport Harbor after a bomb threat was taped to the front
door of the building. Police searched the school and did not uncover anything
suspicious.
Source: http://www.news-herald.com/general-news/20131029/fairport-harding-highschool-bomb-threat-just-a-scare
24. October 28, Help Net Security – (International) U.K. man indicted for hacking U.S. govt
networks, stealing confidential data. The New Jersey U.S. Attorney’s Office charged a man
in the U.K. for allegedly breaching thousands of U.S. government computer systems and
stealing confidential data. The man and others allegedly broke into the computer systems of
several federal agencies and placed backdoors in their networks that were later used to steal the
data.
Source: http://www.net-security.org/secworld.php?id=15840
25. October 28, Associated Press – (Pennsylvania) Western Pa. county courthouse
reopens after bomb threat; woman charged. A Mercer County, Pennsylvania,
courthouse was evacuated for 3 hours October 28 after a phoned bomb threat.
-6-
Authorities arrested a suspect after tracing the call and cleared the building after
nothing suspicious was found.
Source:
http://www.therepublic.com/view/story/a96b34a9d1be4d7aa01c0056cbe45e7a/PA-Bomb-Threat-Closes-Courthouse
26. October 28, Virginia Gazette – (Virginia) 11 treated at York elementary school after
odor prompts evacuation. Eleven people were transported to area facilities after
complaining of feeling sick due to a strange odor at Magruder Elementary School in
York, Virginia, October 28. The school was evacuated and classes were cancelled
while fire officials searched and tested the building.
Source: http://www.vagazette.com/news/va-vg-magruder-evac-102820131028,0,5847434.story
27. October 28, U.S. Environmental Protection Agency – (Massachusetts) Methuen Mass.
school bus company pays $33K penalty for excessive idling. The U.S.
Environmental Protection Agency reached a settlement with North Reading
Transportation October 28 to settle allegations the company violated federallyenforceable motor vehicle idling limits in Massachusetts communities. The company
will pay a $33,000 penalty and train all drivers, among other policy changes, to address
school bus idling violations.
Source:
http://yosemite.epa.gov/opa/admpress.nsf/0/3753A7230719C83385257C1200654AB8
For another story, see item 16
[Return to top]
Emergency Services Sector
28. October 29, Columbus Dispatch – (Ohio) Ohio will use two new drugs in November
execution. The Ohio Department of Rehabilitation and Correction stated October 28
that State prison officials will use two new drugs for a November 14 execution in
Summit County due to a shortage of pentobarbital. Recent policy changes allowed the
State to use the two drugs that were previously only used as alternatives.
Source: http://www.dispatch.com/content/stories/local/2013/10/28/new-drugs-to-beused-in-execution.html
29. October 28, CNN – (Oklahoma) 2 of 4 Oklahoma jail shower escapees captured,
sheriff says. Authorities recaptured two of the four Caddo County Jail inmates who
escaped through the ceiling in the shower at the jail in Anadarko October 27. Officials
are still searching for the remaining two inmates who are considered armed and
dangerous.
Source: http://www.cnn.com/2013/10/28/justice/oklahoma-showerjailbreak/index.html?hpt=us_c1
[Return to top]
-7-
Information Technology Sector
30. October 29, Krebs on Security – (International) Adobe breach impacted at least
38 million users. Adobe confirmed that a recent data breach impacted at least 38
million users, with Adobe ID usernames and hashed passwords obtained by
attackers. The company also confirmed that the attackers obtained at least some of
the source code for Photoshop, as well as previously reported access to the source
code of Acrobat, Reader, and ColdFusion.
Source: http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38million-users/
31. October 29, Softpedia – (International) Hackers can hijack Facebook accounts by
exploiting flaw in Android apps. A researcher at Attack Secure found and reported
two vulnerabilities in Facebook applications for Android that could allow an attacker to
steal access tokens and hijack accounts.
Source: http://news.softpedia.com/news/Hackers-Can-Hijack-Facebook-Accounts-byExploiting-Flaw-in-Android-Apps-Video-395206.shtml
32. October 29, Softpedia – (International) Dun & Bradstreet starts notifying customers
of data breach. Dun & Bradstreet began notifying customers that business information
was potentially exposed during an attack in March and April 2013 on their commercial
information databases.
Source: http://news.softpedia.com/news/Dun-Bradstreet-Starts-Notifying-Customersof-Data-Breach-395124.shtml
33. October 29, The Register – (International) Syrian Electronic Army claims U.S.
President social media hijacking. Members of the Syrian Electronic Army hacktivist
group briefly compromised the Twitter and Facebook account of the U.S. President
October 28 and sent out links to the group’s Web site. The group obtained access by
compromising URL shortening service ShortSwitch and Organizing for Action staff
email accounts.
Source:
http://www.theregister.co.uk/2013/10/29/sea_hijack_obama_twitter_facebook_hack/
34. October 28, Threatpost – (International) Scan shows 65% of ReadyNAS boxes on
Web vulnerable to critical bug. A scan by a Rapid7 researcher found that 65 percent
of the Netgear ReadyNAS storage devices exposed to the Internet are still vulnerable to
a critical remotely exploitable vulnerability despite a patch being issued for it in July.
Source: http://threatpost.com/scan-shows-65-of-readynas-boxes-onweb-vulnerable-to-critical-bug/102706
For another story, see item 24
-8-
Internet Alert Dashboard
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or
visit their Web site: http://www.us-cert.gov
Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and
Analysis Center) Web site: https://www.it-isac.org
[Return to top]
Communications Sector
Nothing to report
[Return to top]
Commercial Facilities Sector
35. October 28, WLOS 13 Asheville – (North Carolina) Grove Park Inn evacuated. The
Grove Park Inn in Asheville was evacuated for nearly 2 hours after an electrical issue
with the exhaust fans for a fireplace filled the hallways with smoke. No injuries were
reported.
Source: http://www.wlos.com/shared/news/features/top-stories/stories/wlos_grovepark-inn-evacuated-13769.shtml
36. October 28, KTLA 5 Los Angeles – (California) Woman killed in Panorama City fire
refused to leave apartment. Two Los Angeles Police officers were hospitalized after
trying to rescue a woman and her son October 28 at a Panorama City apartment fire
which also killed one. The cause of the fire is under investigation.
Source: http://ktla.com/2013/10/28/at-least-1-injured-in-panorama-city-apartment-fire/
37. October 28, WSHM 3 Springfield – (Massachusetts) Cleanup begins after Hadley fire
destroys strip mall. The Massachusetts Fire Marshal is investigating the cause of an
October 28 strip mall fire in Hadley which completely destroyed the mall and its
residences.
Source: http://www.cbs3springfield.com/story/23808258/clean-up-beginds-afterhadley-fire-destroys-strip-mall
[Return to top]
Dams Sector
38. October 28, Mabank Monitor – (Texas) After work to fix lake’s leak, refill ordered
at Fireman’s Park in McAllen. The city of McAllen approved a $213,000 project to
repair a leak in the man-made 4-acre, 15.6 million-gallon lake located at Fireman’s
Park. The May 2012 man-made lake was drained following the discovery of the leak,
and operations to refill the lake which began October 22, are expected to be completed
-9-
November 1.
Source: http://www.themonitor.com/news/local/article_80c81922-403d-11e3-8af10019bb30f31a.html
[Return to top]
- 10 -
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site:
http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions:
Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703) 942-8590
Subscribe to the Distribution List:
Visit the DHS Daily Open Source Infrastructure Report and follow
instructions to Get e-mail updates when this information changes.
Removal from Distribution List:
Send mail to support@govdelivery.com.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit
their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source
material.
- 11 -
Download